User in iocage jail unable to access mounted dataset containing mapped user in group

KenwoodFox

Explorer
Joined
Nov 6, 2018
Messages
74
Hey FreeNAS team!
I'm used to the old FreeNAS, just as a warning, and I'm having trouble with this new iocage stuff.
I've installed Syncthing, and all the file manipulation is done with user syncthing:syncthing with id 983.
Installing the plugin no longer adds the user, so I added user syncthing with group syncthing and id 983 manually. Looking online, I think this is normal?
I mounted the dataset in question inside the jail.

The dataset is owned by a user and has group wheel as the owning group; permissions say groups can read, write and execute.
I added my mapped syncthing user to wheel and tried using wheel as its primary and as an auxiliary group, and so far the syncthing user in the jail is unable to edit mounted files. I'd love some help, I think I'm looking over something basic. Thanks for the help.
 

garm

Wizard
Joined
Aug 19, 2017
Messages
1,556
You’re doing it backwards.

First, don’t use wheel. It’s a privileged group you should only use for system maintenance.

Your users in FreeNAS and their group assignment don’t matter. When thinking about this it’s the jail you need to consider.

The dataset in FreeNAS you want to share to the jail needs to have an owning group with sufficient privileges in FreeNAS; that’s it on the FreeNAS side.

You then set up the same group and GID in the jail and make the service user a member of it, in the jail.
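The advice above comes down to numeric IDs: the mount carries the dataset's UID, GID and mode into the jail, and the jail's own passwd/group files decide which class the service user falls into. As an added example (not posted by anyone in this thread), this Python check evaluates write access from jail-side account files; the GIDs 1001/1002, the dataset owner UID 1000 and mode 0770 are constructed, and it assumes plain mode bits with no ACLs on the dataset.

```python
import stat

# Constructed sample data: jail-side passwd(5)/group(5) contents and the
# numeric owner, group and mode of the mounted dataset as set on the host.
JAIL_PASSWD = (
    "root:*:0:0::/root:/bin/csh\n"
    "syncthing:*:983:983::/nonexistent:/usr/sbin/nologin\n"
)
# Same group *name* as on the host, but a different GID: names do not matter.
JAIL_GROUP_BEFORE = "wheel:*:0:root\nsyncthing:*:983:\njails:*:1002:syncthing\n"
# GID matches the dataset's owning group and syncthing is a member.
JAIL_GROUP_AFTER = "wheel:*:0:root\nsyncthing:*:983:\njails:*:1001:syncthing\n"
DATASET = {"uid": 1000, "gid": 1001, "mode": 0o770}


def jail_ids(user, passwd_text, group_text):
    """Return (uid, set of gids) for `user` as the jail resolves them."""
    uid = primary = None
    for line in passwd_text.splitlines():
        f = line.split(":")
        if len(f) >= 4 and f[0] == user:
            uid, primary = int(f[2]), int(f[3])
    if uid is None:
        raise KeyError(user)
    gids = {primary}
    for line in group_text.splitlines():
        f = line.split(":")
        # Fourth field is the comma-separated supplementary member list.
        if len(f) >= 4 and user in f[3].split(","):
            gids.add(int(f[2]))
    return uid, gids


def can_write(uid, gids, ds):
    """Mode-bit check: the first matching class (owner, group, other) decides."""
    if uid == ds["uid"]:
        return bool(ds["mode"] & stat.S_IWUSR)
    if ds["gid"] in gids:
        return bool(ds["mode"] & stat.S_IWGRP)
    return bool(ds["mode"] & stat.S_IWOTH)


if __name__ == "__main__":
    for label, groups in (("before", JAIL_GROUP_BEFORE), ("after", JAIL_GROUP_AFTER)):
        uid, gids = jail_ids("syncthing", JAIL_PASSWD, groups)
        print(label, uid, sorted(gids), "write:", can_write(uid, gids, DATASET))
```
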
 

KenwoodFox

Thank you so much for your reply.
I don't think I can change the user the syncthing service uses; I'll look more into that.
I created a new group and gave that group write and read permissions in the dataset. The dataset is owned by another user not in the group. I made sure the group matched the syncthing group already on the jail; it should be the same as if I created them in the reverse order?
Still no luck, I'll keep trying.
 

garm

No, make the Syncthing user a member of the group owning the data, in the jail.
 

KenwoodFox

Ok, created a new group with uid over 1000, named it jails.
Added jails as an aux group for my user syncthing (on the FreeNAS side). Do I also have to add the syncthing user in my jail to a group called jails?
Looks like it's not working. Logged in as root inside the jail and checked the ownership of some files; I can see they're owned by the user owning the dataset, and owned by the group jails.
 